[Bro] intel.log file stops getting generated.
Jan Grashöfer
jan.grashoefer at gmail.com
Wed Jan 25 01:10:12 PST 2017
Hi Fatema,
> Running Bro 2.5, everything is working except intel.log file stop getting
> generated.
just to be sure: You haven't configured intel expiration, right?
> Last event in that file was around 12:45pm today, and after it got rotated,
> I didn't see intel.log for 1pm hour and still no log for intel.log in the
> current log dir.
>
> Don't know why all of a sudden intel.log stopped geting generated.
How long was that instance running and is that behavior reproducible?
Have you noticed anything in reporter.log? To debug whether this is a
logging issue or an intel framework issue you might add a debug print to
the matching event.
Jan
More information about the Bro
mailing list